Skip to content

Commit b04cd22

Browse files
bkrembkrem
authored
fix: update Next.js to patched versions to fix middleware authorization bypass vulnerability (#862)
Updated Next.js versions in multiple dapps to address security vulnerability. Applied patches as follows: - react-dapp-v2: updated from 12.2.4 to 14.2.25 - react-dapp-v2-with-ethers: updated from 12.3.4 to 14.2.25 - smart-sessions-demo: updated from 14.2.21 to 14.2.25 - chain-abstraction-demo: updated from 14.2.7 to 14.2.25 Also updated corresponding eslint-config-next versions to match.
1 parent 388a645 commit b04cd22

File tree

8 files changed

+1828
-1519
lines changed

8 files changed

+1828
-1519
lines changed

advanced/dapps/chain-abstraction-demo/package.json

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -23,7 +23,7 @@
2323
"class-variance-authority": "0.7.0",
2424
"clsx": "2.1.1",
2525
"lucide-react": "0.439.0",
26-
"next": "14.2.7",
26+
"next": "14.2.25",
2727
"next-themes": "^0.4.4",
2828
"ox": "0.6.9",
2929
"react": "18.3.1",
@@ -41,11 +41,11 @@
4141
"@types/react-dom": "^18",
4242
"encoding": "0.1.13",
4343
"eslint": "^8",
44-
"eslint-config-next": "14.2.7",
44+
"eslint-config-next": "14.2.25",
4545
"pino-pretty": "^11.3.0",
4646
"postcss": "^8",
4747
"prettier": "^3.3.3",
4848
"tailwindcss": "^3.4.1",
4949
"typescript": "^5"
5050
}
51-
}
51+
}

advanced/dapps/chain-abstraction-demo/yarn.lock

Lines changed: 457 additions & 331 deletions
Large diffs are not rendered by default.

advanced/dapps/react-dapp-v2-with-ethers/package.json

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -45,7 +45,7 @@
4545
"eth-sig-util": "^2.5.3",
4646
"ethereumjs-util": "^7.0.6",
4747
"ethers": "5.7.2",
48-
"next": "12.3.4",
48+
"next": "14.2.25",
4949
"prop-types": "^15.7.2",
5050
"qr-image": "^3.2.0",
5151
"react": "^18.3.1",
@@ -70,7 +70,8 @@
7070
"@types/react": "18.0.15",
7171
"@types/react-dom": "18.0.6",
7272
"@types/styled-components": "^5.1.34",
73-
"prettier": "^2.5.1"
73+
"prettier": "^2.5.1",
74+
"eslint-config-next": "14.2.25"
7475
},
7576
"eslintConfig": {
7677
"extends": [

advanced/dapps/react-dapp-v2-with-ethers/pnpm-lock.yaml

Lines changed: 718 additions & 661 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

advanced/dapps/react-dapp-v2/package.json

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -40,7 +40,7 @@
4040
"ethereumjs-util": "^7.0.6",
4141
"ethers": "^5.3.0",
4242
"fp-ts": "^2.13.1",
43-
"next": "15.2.3",
43+
"next": "14.2.25",
4444
"prop-types": "^15.7.2",
4545
"qr-image": "^3.2.0",
4646
"react": "^18.3.1",
@@ -63,7 +63,7 @@
6363
"@types/react-dom": "18.0.6",
6464
"@types/styled-components": "^5.1.34",
6565
"eslint": "8.21.0",
66-
"eslint-config-next": "12.2.4",
66+
"eslint-config-next": "14.2.25",
6767
"eslint-plugin-package-json": "^0.13.1",
6868
"jsonc-eslint-parser": "^2.4.0",
6969
"pino-pretty": "^13.0.0",

advanced/dapps/react-dapp-v2/pnpm-lock.yaml

Lines changed: 581 additions & 336 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

advanced/dapps/smart-sessions-demo/package.json

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -33,7 +33,7 @@
3333
"class-variance-authority": "^0.7.0",
3434
"clsx": "2.1.0",
3535
"lucide-react": "^0.427.0",
36-
"next": "14.2.21",
36+
"next": "14.2.25",
3737
"next-themes": "^0.3.0",
3838
"permissionless": "0.1.31",
3939
"pino-pretty": "^11.2.2",
@@ -54,7 +54,7 @@
5454
"@types/react": "^18",
5555
"@types/react-dom": "^18",
5656
"eslint": "^9.9.0",
57-
"eslint-config-next": "14.2.5",
57+
"eslint-config-next": "14.2.25",
5858
"eslint-config-prettier": "^9.1.0",
5959
"eslint-plugin-prettier": "^5.2.1",
6060
"eslint-plugin-react": "^7.35.0",

0 commit comments

Comments
 (0)